Hello Michael,

MN> On Wed, Jun 02, 2004 at 01:04:55PM +0200, Lothar Scholz wrote:
>> Hello Michael,
>> 
>> MN> On Wed, Jun 02, 2004 at 06:08:39AM +0900, Ken Hilton wrote:
>> >> Does anyone know of a Ruby source code obfuscator that's reliable and
>> >> readily available?  If so, I'd appreciate a pointer to it (apparently, both
>> >> ruby-lang and rubygarden are down at the time of this posting so I can't
>> >> check for myself.)
>> 
>> MN> Take a look at bRuby. It can dump the interal node-tree and then load it
>> MN> again (as far as I understand it). No Ruby sourcecode anymore. See also
>> MN> the Exerb project. 
>>  
>> MN> http://bruby.sourceforge.jp/index.en.html
>> 
>> But this is easy to reverse. It does not much more then removing the

MN> Hm, I thought, a node-dump does not contain the variable names (local
MN> variables), or at least does not require them for execution? I am
MN> probably wrong.

Look at "node.h". The nodes store ID values which are atoms (integers
that represent strings in a unique way). But there is no garantee that
one atom name integer as in the next ruby.exe start. And of course
they depend on the "require" order of the different source files.

MN> Hm, sure, the method names must be stored. But one could modify the
MN> interpreter to only store hashes of the method names, and use them to
MN> call the methods. That might give quite good obfusciation. 

There is no possible mapping for this. Hashes are not unique. You must
store the string in one way or the other. As long as you can look at
the source every person with 1 year C experience can reverse this.


-- 
 Best regards,                        emailto: scholz at scriptolutions dot com
 Lothar Scholz                        http://www.ruby-ide.com
 CTO Scriptolutions                   Ruby, PHP, Python IDE 's